<?php
class User {
	private $username;
	private $pass;
	private $level;
	private $database;
	
	public function __construct($database) {
		$this->database = $database;	
		$this->level = 0;	
	}
	
	public function getLevel() {
		return $this->level;
	}
	
	public function getUsername() {
		return $this->username;
	}
	
	public function logout() {
		$this->username = null;
		$this->pass = null;
		$this->level = 0;
		header('Location: index.php');
	}
	
	public function login($username, $pass) {
		$result = mysql_query(sprintf("SELECT *
				FROM users
				WHERE username = '%s'
				AND pass = '%s'",
				mysql_real_escape_string($username),
				mysql_real_escape_string($pass))
				);
		if($row = mysql_fetch_assoc($result)) {			
			$this->username = $row['username'];
			$this->pass = $row['pass'];
			//Levels: 1 = regular user; 2 = admin
			$this->level = $row['level'];
			return true;
		}
		else {
			return false;
		}
	}
	

}
	

?>